I received a notification email from my SSL certificate authority that the certificate for www.gamerfootprint.com would expire soon. One of my co-workers told me about a free certificate authority called Let's Encrypt and I thought I'd give it a try. The process for installation is quite simple using a neat tool called Certify. After filling out the brief survey, you can download the application and register your email with Let's Encrypt and then begin creating certificates for IIS. It was as simple as selecting my IIS sites from a drop down and requesting a certificate. The certificates are downloaded and automatically installed. They have an expiration after 90 days, but you can easily request a new certificate after expiration. The Certify application is still in alpha, but they are actively working on adding new features. Hopefully we can have auto-renew as a feature some day soon! I'd pay for that feature for sure!

If you're running a web server, I highly recommend using Let's Encrypt because it is free and it's never been easier to install SSL certificates than before.

Note: If you have a domain and CNAME, you'll need to make sure you select the proper SSL certificate in the site bindings. I actually just have https://www.cameronjtinker.com/ bound to port 443 and then I've got http://cameronjtinker.com and http://www.cameronjtinker.com redirecting to the secure site.

The other day, I splurged on getting a wildcard SSL certificate for my website, www.iga-home.net. I felt that it was important to secure content on my site for my users as sensitive data is sent when users login or post content to the site. I bought a wildcard SSL certificate since I wanted to be able to secure all subdomains of iga-home.net and not be restricted to just iga-home.net or www.iga-home.net.

After I created the request on IIS for the certificate, I copied the output into my web browser on Comodo's website for requesting an SSL certificate. It seemed fairly straight forward. About 10-15 minutes later, I received an email with my SSL certificate attached in a zip file. I opened the zip file and saw my certificate with a .cert extension. I fiddled around for a while with trying to get this certificate installed through mmc and IIS's manager. When I tried to install my certificate through IIS, I kept receiving errors that IIS couldn't find my certificate request. I followed many tutorials and couldn't find a solution. I later found this page that said I should install these certificates first through mmc before I could install my purchased SSL certificate in IIS. After I installed these mentioned certificates, IIS accepted my certificate and I proceeded to adding SSL to my website. It's a shame that these certificates weren't bundled with the original zip file. It would have made life a lot easier.

My next task is to add a rewrite rule for sending all http requests to https requests. I also want to write a resource handler that caches remote resources on my server so that all resources are secure. In Google Chrome it will notify the user if some content displayed on a page is insecure and I want to remedy this problem.